Hi.
I just installed Avast 5 Free on my Vista 64bit enterprise PC. Everything works great except…
If I use a test PC with no antivirus active and shared a folder over the network containing the eicar test virus .
Then when i mount the share with my PC that runs Avast 5 Free and try to open the Eicar.com file it allows me to open the file with no problem Avast doesn’t detect that I’m executing/reading a (test) virus. ???
This is a huge security risc to me. why don’t Avast 5 warn me about the virus!? is this a free version feature?
Hi!
by clicking on it, resulting in windows trying to execute the file (obviously it resulted in an execution error sins the file isn’t actually an executable file). and by opening it with notepad. none of the two actions did trigger Avast shield.
if i try to copy the file to my computer it results in a alert from avast.
I see… I overlooked the key information in your first post.
You are wrong about the file not being executable - it is. It is a DOS file… which, when executed, prints the test file string. With avast! installed, the execution is prevented and a virus warning appears instead.
However… all that on a 32bit OS. Since you have a 64bit OS, you don’t have any 16bit subsystem there (so the file cannot be executed there) - so there’s no execution avast! could block.
So, this has nothing to do with network shares. If you had a real malware on the network share, it would get detected and blocked on execution. It’s just that Eicar is a bit obsolete - and not a good test file on 64bit OSes. Of course, if you enable scanning on open, not just on execute, it gets detected as well - but I’d say it’s an unnecessary overkill.
While I’m not saying there isn’t any difference deep inside, I don’t understand where you see the difference.
The behavior should be the same - no matter if Eicar is on local disk or remote share.
I just tested Avast on a windows Xp 32bit PC and you are correct that Avast blocks Eicar to execute from the share.
However i can copy the eicar.com file back an fort on network shares without Avast complaining. as long as i don’t copy it to a local drive.
I tested to add *.com to the “scan when opening” and “scan when writing” advanced settings but it doesn’t trigger Avast. The only thing that seems to help is to enable scan all files in “scan when opening” advanced settings. Then Avast triggers when i copy the file betwen shares.
I use Total Commander 7.50a to brows and copy files.